Study & Research

Multiple Zero-Days Discovered In Leading Antivirus And Endpoint Solutions

By ISBuzz Team
Writer , Information Security Buzz | Dec 08, 2022 05:32 am PST

Endpoint security, Identity and access management (IAM), Malware and Vulnerabilities

Multiple Zero-Day Security vulnerabilities in Top Endpoints Detecting and Responding (EDR) as well as Antivirus (AV) Solutions Found by SafeBreach Labs Researcher

In order to transform endpoint detection and response (EDR) and antivirus (AV) products into next-generation wipers. With the ability to affect hundreds of millions of endpoints worldwide, Or Yair. A security researcher at SafeBreach discovered a number of zero-day vulnerabilities. This wiper may delete practically any file on a system, including system files. And render a machine fully unbootable while operating with the permissions of an ordinary user. It accomplishes all of this without putting any code into the target files, making it completely undetected.

SafeBreach believes it is crucial that EDR and AV vendors proactively test their products against this type of vulnerability. If necessary, develop a remediation plan to ensure they are protected. While the team did its best to test the EDR and AV products we had access. It is not practical to test every product on the market.

Summarizing the importance of this research

Yair said:

“By openly sharing information about this discovery, our goal is to raise a warning flag about the existence of these zero-day vulnerabilities and the ability to exploit them. Organizations must understand that a wiper is much more dangerous if it uses a trusted entity on the system—in this case, an EDR or AV—to complete its malicious actions by proxy.

As cyber criminals continue to evolve their tactics, organizations must understand that having security controls does not mean an organization is secure. In fact, security controls may be a preferred target for attackers because of their high privileges and the very high level of trust they command. Organizations must be prepared to proactively test and evolve their defensive capabilities to protect themselves against this ever-changing threat landscape.”

For technical detail, please visit here: https://www.safebreach.com/resources/blog/safebreach-labs-researcher-discovers-multiple-zero-day-vulnerabilities/

0 Expert Comments

Inline Feedbacks

View all comments

Multiple Zero-Days Discovered In Leading Antivirus And Endpoint Solutions

Multiple Zero-Day Security vulnerabilities in Top Endpoints Detecting and Responding (EDR) as well as Antivirus (AV) Solutions Found by SafeBreach Labs Researcher

Summarizing the importance of this research

Most Active Commenters

Recent Comments

Recent Posts

Enhance Your Digital Crime and Security Practices Today

Disaster Recovery Tactics for Business Continuity

Working With Us

The Pages

Our Contributing Experts

Multiple Zero-Days Discovered In Leading Antivirus And Endpoint Solutions

Multiple Zero-Day Security vulnerabilities in Top Endpoints Detecting and Responding (EDR) as well as Antivirus (AV) Solutions Found by SafeBreach Labs Researcher

Summarizing the importance of this research

Most Commented Posts

Most Active Commenters

Recent Comments

Recent Posts

Understanding Cloud Access Security Brokers (CASB)

Decoding Cloud Security Posture Management (CSPM)

Master Cloud Compliance Tools: Achieve Regulatory Success

Enhance Your Digital Crime and Security Practices Today

Disaster Recovery Tactics for Business Continuity

Working With Us

The Pages

Our Contributing Experts